CVE-2011-0018

OpenVAS Manager <2.0rc2 - Command Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-0018. PoCs published by Tim Brown.

AI-analyzed exploit summary This is a security advisory detailing a command injection vulnerability in OpenVAS Manager (CVE-2011-0018), allowing privilege escalation or arbitrary code execution via insufficiently validated OMP requests. The advisory includes technical details, exploit mechanics, and mitigation steps.

Description

The email function in manage_sql.c in OpenVAS Manager 1.0.x through 1.0.3 and 2.0.x through 2.0rc2 allows remote authenticated users to execute arbitrary commands via the (1) To or (2) From e-mail address in an OMP request to the Greenbone Security Assistant (GSA).

Exploits (1)

exploitdb WRITEUP VERIFIED
by Tim Brown · textlocallinux
https://www.exploit-db.com/exploits/16086

This is a security advisory detailing a command injection vulnerability in OpenVAS Manager (CVE-2011-0018), allowing privilege escalation or arbitrary code execution via insufficiently validated OMP requests. The advisory includes technical details, exploit mechanics, and mitigation steps.

Classification
Writeup 100%
Attack Type
Rce | Lpe
Complexity
Moderate
Reliability
Reliable
Target: OpenVAS Manager <= 1.0.3 and 2.0rc2
Auth required
Prerequisites: Authenticated access to OpenVAS Manager or GSA · Ability to send crafted OMP requests
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (8)

Core 8
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/45987
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/515971/100/0/threaded
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/43037
Exploit, Patch, Vendor Advisory x_refsource_confirm
http://www.openvas.org/OVSA20110118.html
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0208
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/70639
Exploit, Third Party Advisory exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/16086
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/65011

Scores

EPSS 0.0927
EPSS Percentile 94.7%

Details

CWE
CWE-20
Status published
Products (5)
openvas/openvas_manager 1.0.0 (9 CPE variants)
openvas/openvas_manager 1.0.1
openvas/openvas_manager 1.0.2
openvas/openvas_manager 1.0.3
openvas/openvas_manager 2.0 beta1 (5 CPE variants)
Published Jan 28, 2011
Tracked Since Feb 18, 2026